HOWTO: Report Spam / Phishing Email, Phone Call or Text

Purpose

Report any spam or phishing email that gets through to your mailbox with the Report Phishing button or by forwarding as an attachment to the No Spam mailbox.

WHAT IS SPAM?

Spam is unsolicited, unwanted commercial email usually sent to a large number of addresses. When you receive spam, do not open the email; report it immediately.

WHAT IS PHISHING?

Phishing is the attempt to trick you into giving up sensitive information or performing an action, like clicking a link or opening an attachment. Phishing can come in many forms including email, phone call, text message, social media, etc. A phishing email, the most common form, is especially dangerous as it can infect your computer and the Mass General Brigham network with malware. Phishing may also result in identity theft.

WHY SHOULD I REPORT SPAM/PHISHING?

Mass General Brigham Information Systems uses technology that filters out and quarantines common spam email senders on our network before they can reach your inbox. Reporting spam and phishing attempts add the address to the list of blocked senders on our network, preventing other users from receiving similar emails. If a message manages to get through the tool, it is important to report it to improve the spam-detection capabilities of our email system.

HOW DO I REPORT SPAM OR PHISHING EMAIL?

If you receive a suspicious email:

  • Do not click on links within the message, open attachments or reply
  • Report the email using the Report Phishing button; the message will automatically be deleted
  • If you do not have the Report Phishing button, forward the email as an attachment to nospam@partners.org and then delete the message

Report Phishing Button (Recommended method if available)

Note: If the new button looks greyed out (disabled), turn on your Reading Pane in the View setting of Outlook (See FAQs for instructions).

 

Windows

  1. Highlight the message in your inbox
  2. On the Outlook toolbar, click the Report Phishing button
     
    A screenshot of a cell phone Description automatically generated
  3. A confirmation window displays
     A screenshot of a cell phone Description automatically generated
  4. Click OK

Mac OS X

  1. Highlight the message in your inbox
  2. On the Outlook toolbar, click the Report Phishing button
  3. A confirmation window displays
  4. Click OK

 

A screenshot of a cell phone Description automatically generated

Outlook Web App (OWA)

  1. Highlight the email in your Inbox
  2. Click the Report Phishing button

If you do not see the button, click the three dots (…) "More actions" menu to access the Report Phishing button.

To pin the button, please see HOWTO: Pin the Report Phishing button in Outlook Web Access (OWA) to the Message Surface

 

iOS Smartphone – Outlook Application

 

  1. Open the desired email from the Outlook app
  2. Tap the Add-ins icon (…).
  3. Tap the Report Phishing button to report the selected email.
  4. Tap OK to confirm.

A screenshot of a cell phone Description automatically generated

 

 

Android Smartphone – Outlook Application

 

  1. Open the desired email from the Outlook app
  2. Tap the Add-ins icon.
  3. Tap the Report Phishing button to report the selected email.
  4. Tap OK to confirm.

A screenshot of a cell phone Description automatically generated

 


Alternative Methods (Use when Report Phishing button is not available)

Windows 

Outlook 2013 & 2016

  • Select the message in your inbox
  • On the Outlook ribbon, in the Respond group, click More, and then select Forward as Attachment
  • Address the message to nospam@partners.org, and use "Spam" for the subject
  • Click Send

Outlook 365

  • Highlight the message in your Inbox by clicking on the message 1 time
  • On the Home tab, in the Respond section, select More
  • Click Forward as Attachment
  • A new message will appear on your screen with the attachment included
  • Address the message to nospam@partners.org
  • Click Send

A screenshot of a cell phone Description automatically generated

Mac OS X

Mac Mail

  • Highlight the Message in the Messaging Pane; do not open the message
  • From the menu Message select Forward as Attachment
  • Address the message to nospam@partners.org
  • Click Send

Outlook 2016 for Mac

  • Highlight the message in your Inbox by clicking on the message 1 time
  • Select Attachment
  • Address the message to nospam@partners.org 
  • Click Send

A close up of a sign Description automatically generated


Frequently Asked Questions

What happens after I report an email?

Once an email is reported, it is moved to your Deleted Items folder. The email goes to our Security Monitoring Team for investigation. If the email is a part of our phishing awareness program, you receive instant feedback thanking you for using the Report Phishing button. If the email is malicious, you may be contacted for additional information. Quick reporting helps us prevent a widespread infection.

What should I do if you think you’ve received a phishing call or text?

If you are suspicious or don’t know a caller or number, ask the caller for their name and a callback number. Then hang up and call the IS Service Desk to report.

A screenshot of a cell phone Description automatically generatedWhat if my Report Phishing button looks greyed out (disabled)?

Your Reading Pane in Outlook must be turned on and set to Right or Bottom for the Report Phishing button to work.

 

 

 

 

Windows

  1. In the Outlook Menu, click View
  2. Click Reading Pane (Located in the Layout section of the toolbar for PCs)
  3. Select Right or Bottom
  4. Your Report Phishing button is now enabled

Mac OS X

  1. In the Outlook Menu, click Organize
  2. Click Reading Pane
  3. Select Right or Bottom
  4. Your Report Phishing button is now enabled

 

OR

A screenshot of a cell phone Description automatically generated


Escalation

If escalation is necessary, contact the IS Service Desk to have a ticket escalated to the information security - phs group for email or social media phishing or the cc telecom - phs group for phone call or text (SMS/MMS) phishing.